Known Exploited Vulnerability: CVE-2018-6530

D-Link Multiple Routers OS Command Injection Vulnerability

Catalog version: 2026.07.07 Date added: 2022-09-08 Due date: 2022-09-29 CISA catalog

Vendor: D-Link

Product: Multiple Routers

Required action: The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.

Known ransomware campaign use: Known

Notes: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10105 https://nvd.nist.gov/vuln/detail/CVE-2018-6530

CWEs

cvelogic Threat Intelligence